Debian 10 installation without monitor via serial

I tested some solutions I found over the internet, but some were too hard and time consuming and some others didn’t work as expected.

The whole idea is to make changes to the .iso image or the image already transferred to a bootable USB stick, in order for grub to send all output to the serial port. I used many tools and many ways to do this and I found a simple solution that suited me. What I did was quite simple.

First, use Rufus (and only Rufus) to transfer the .iso image to your USB stick. Use the default settings and transfer the .iso image.

Then, there are some file changes. All the changes/additions are marked with bold. The position of the changes matters, so  be careful. Below are the final files that worked. Continue reading

Nextcloud on OMV 5

As the title states. This solution is without the use of docker. It is just a straight forward installation of Nextcloud 18.0.3 on OMV 5 using Nginx (php-fpm)  with PHP 7.3 that is already installed and MariaDB as our database server. In order to work on port 80 or port 443, we will have to change the OMV web ports to 8080 and 8443. You can achieve this via “General settings” on the OMV web interface. This guide asumes that Nextcloud will user ports TCP/80 and TCP/443. Everything that is marked RED, needs your attention.

Let’s start with some packages.

apt install mariadb-server php-xml php-cli php-cgi php-mysql php-mbstring php-gd php-curl php-zip wget unzip php-imagick php-intl php-gmp -y

Download nextcloud and place it on folder /var/www

cd /usr/src
wget https://download.nextcloud.com/server/releases/nextcloud-18.0.4.zip
unzip nextcloud-18.0.4.zip
mv nextcloud /var/www/
chown -R www-data:www-data /var/www/nextcloud/
chmod -R 755 /var/www/nextcloud/

Continue reading

Cisco IOS Self-Signed Certificate Expiration

On Jan 1, 2020 all self signed certificates that were generated on IOS/IOS-XE platforms got expired. After that time your device will not be able to generate self signed certificates.

There are some work arounds :

  • Obtain a valid certificate from a 3rd part Certificate Authority
  • Use the IOS CA Server to generate a new certificate
  • Use OpenSSL to generate a new self-signed certificate
  • Update your system, if possible, to a fixed SSC IOS version

Systems affected :

  • All IOS 12.x
  • all IOS 15.x prior to 15.6(3)M7, 15.7(3)M5, 15.8(3)M3, 15.9(3)M
  • all IOS-XE prior to 16.9.1

You can find more information here.

DHCP server in Debian 9

These are the steps that I followed, in order to make a DHCP server in Debian 9 Stretch.

First of all we need to assign an IP address on our main ethernet interface. For this guide, I will use interface enp0s2. So we have to edit the file /etc/network/interfaces and add the following :

auto enp2s0
allow-hotplug enp2s0
iface enp2s0 inet static
address 192.168.1.1/24
dns-nameservers 8.8.8.8
dns-search mydomain.com

Then we need to download our dhcp package.

sudo apt install isc-dhcp-server
Continue reading

Napco 1632 virtual keypad project

UPDATE 29/8/2020 : I was very pleased to see, that other people also share their time and their knowledge to help others. I did abandoned this project until Matt made a comment on this post with a great solution, which I intend to use soon. All credits to Matt for his brilliant solution!!

UPDATE 29/7/2018 : This will be the first unfinished project that is posted on this blog. After spending three months, I got some info that the version of the panel I have,  does not support automation. 

Another thing that lead me to abandon this project, is that NAPCO does not provide any info on this panel like DSC etc. so it is very difficult to reverse engineer. 

I will leave this port active though, for someone who will need the info posted here.

I am currently working on a project regarding some hack on my alarm panel. It’s a napco 1632. I am trying to reverse engineer communications in order to build a webapp to control the panel remotely. There are some options provided by napco, but need separate hardware.

My system is equipped with NL-MOD-UL module that gives you the ability to configure the alarm panel through LAN. This module is connected on the serial port of the panel. The panel has the ability to send real-time status messages through the serial port and receive commands like system arm, but napco hasn’t developed any application to do that. They have only quickloader for configuration and management of the panel.

Newest modules like STARLINK or IBR-ZREMOTE give the ability to control the panel remotely, but the hardware is expensive. So, as I said,  I am trying to reverse engineer for a solution. The newest modules are not connected on the serial  port of the panel but on the keypad bus. I have already ordered a logic analyzer in order to decode the bus. But until I receive my logic analyzer, I did some attempts to read it via an arduino MEGA. I made a circuit with an optocoupler because the voltage is to high for the arduino to handle.

Here is the arduino code : ttl-debug

The bus of napco 1632 has four cables :

  • RED ( +12V )
  • BLACK ( GND )
  • YELLOW ( Keypad TX – Panel RX )
  • GREEN ( Panel TX – Keypad RX )

Continue reading

LTSP on ubuntu 16.04 server

LTSP (Linux Terminal Server Project), adds thin client support to Linux servers. Just imagine PCs without a hard drive, running linux over the network. Pretty cool!

So what do we need to accomplish that ?

We just need a DHCP service (with specific options like 66, 67, 17), a linux box running the  LTSP server and some client PCs connected to the same network. You will find many guides on the internet on how to install a LTSP server. All guides install the DHCP server on the same box. Also they are using DHCP proxy etc. My case has a DHCP server working on mikrotik routerOS.

So, in this guide, I assume that my local network is 192.168.1.0/24, my mikrotik device is the gateway of the network and has an interface (ether1) with IP address 192.168.1.1 and my linux box has the ip address 192.168.1.10 and runs ubuntu server 16.04. Continue reading

Traffic capture from a mikrotik device to wireshark

Today, for troubleshooting purposes, I needed to capture traffic from a Mikrotik wireless access point that I have. Mikrotik devices have a build-in tool called Packet sniffer, which does exactly what I need but what if I had these captures on a remote PC ?

Well we can accomplish this and have the captures on wireshark. All we need is network connectivity, of course, between the Mikrotik device and the PC running wireshark. I am using wireshark 2.2.7 by the way.

Continue reading

Prestashop 1.7 – Classic theme SCSS to CSS

For the past 3 days, I was looking for a way to make changes to the classic’s theme CSS. As an amateur, I thought that if I make the changes I want to the files that are located on the _dev directory inside my theme, changes will be converted to CSS……. WRONG !!!

So I started looking harder. There are many solutions on the internet. Some almost worked, some not, some were to complicated to understand. After spending hours and hours o this, I final made it. So here it goes.

Continue reading

Telnet zero-day on cisco devices

Cisco announced a remote code execution vulnerability that affects telnet on catalyst series devices. Once again this has to do with the documents leaked by Wikileaks, known as Vault 7.

Cisco recommends to enable only SSH access on the devices affected, if possible. For devices that do not support SSH, VTY access lists may be applied to reduce the risk.

More information about the vulnerability and the devices affected, can be found here.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...